nmap -vv -F -sS -A -P0 [some ip]
I like to use "-vv" for extra detail.
Let's say I just wanted to check the version of SSH I was using on an older Linux machine. Nmap can even tell me what protocol revision SSH supports on the machine. Here is how I would do that:
nmap -sS -A -P0 -p 22 [my ip] | grep ssh
Here are the results from an actual machine:
22/tcp open ssh OpenSSH 3.6.1p2 (protocol 1.99)
SSH protocol version 1.99 has issues and OpenSSH needs to be updated on this machine.
Nmap and software version detection inside Secure Trends
Because Secure Trends can use Nmap for scanning, it gathers information about open network software running on computers that have been scanned. From the Ports tab, you can click on a port to see what different computers have that port open and what software is running on those machines.
Above is a partial screenshot from a real set of hosts in ST. Each IP is a clickable link so that you can see everything else running on that machine. In this case two machines are still allowing protocol version 1.99, but it is probably easily fixed by changing their config file to only permit version 2.0. How do I know this? Partly because I already know, but also because the machine with the IP address ending ".24" is running the same OpenSSH program version, but is clearly locked down to only support protocol version 2.
Comments